Computer Security - A Framework

a) Describe the four ways in which tomorrow’s security threats will be worse than today’s.
Attacks will be more frequent. They are roughly doubling in number each year.
There will be growing randomness in victim selection. Small, obscure firms will not be safe.
A larger percentage of attacks will be malicious. Most today really are not, but the trend is toward more damaging attacks.
Attacks will be more automated, allowing greater numbers of victims per attack.

b) Should we plan based upon current experiences? Explain.
No. Tomorrow’s threat environment will be far worse, and protections have to be based on future attacks, not just today’s attacks.

a) What is hacking?
Hacking is intentionally accessing (using) a computer without authorization or beyond authorized permission.

b) Are hackers distinguished from other attackers by their skill or by their use of attack software?
Skill, and dogged persistence. Most hacks are not done quickly except to exploit a major vulnerability.

c) Describe the motivations of elite hackers.
They vary widely: the thrill of the exploit, reputation among other hackers, vandalism, crime.

d) Distinguish between white hat hackers, black hat hackers, and gray hat hackers.
White hat hackers hack but tell the systems administrator about vulnerabilities. Black hats hack but do not help the victim systems administrator. Gray hats do both. Sometimes, paid attackers doing vulnerability testing are called white hat hackers.

e) What are ethical hackers?
These are hackers who have codes of ethics. These codes usually allow some actions that many victims would call harm.

f) Are white hat hacking and ethical hacking defenses against criminal prosecution?
No. Hacking is still a crime unless the victim authorizes the hack.

a) What do you think are the motivations of virus writers?
Sometimes the thrill of being able to do it. Sometimes a desire to harm.

b) Virus releasers? (You will need to draw your own conclusions to answer these questions.)
Virus releasing, not virus writing, is a crime. Intent to do harm. Thrill of watching the damage.

a) Who are script kiddies?
Hackers with modest technical skills who use attack scripts (kiddie scripts) created by more experienced attackers.

b) What makes them dangerous?
There are many of them, and their kiddie scripts are potent.

c) Why are corporations often unwilling to prosecute script kiddies?
Potential loss of reputation. Cost of prosecution. Many script kiddies are minors who would not receive serious sentences.

a) List the major types of criminal attacks.
Credit card and identity theft
Stealing trade secrets (intellectual property)
Extortion

b) Distinguish between stealing credit cards and identity theft.
In credit card number theft, the attacker steals credit card numbers and uses them to make unauthorized purchases. In identity theft, the thief steals enough personal information about a person to set up fake bank accounts, get credit cards, and do other major financial transactions in the victim’s name.

a) Why are corporate employees especially dangerous?
They have knowledge of the system and access permissions.

b) What kinds of attacks do they perpetrate?
Sabotage, financial theft, theft of trade secrets.

c) Why are corporate IT and security staffs especially dangerous?
They have specialized knowledge and access permissions. Many computer crimes are committed by corporate IT and security staff members.

1. What are the main types of attacks?
Physical access attacks
Dialog attacks
Penetration attacks (scanning or probing, break-in or hacking, denial-of-service, malware such as viruses and worms)
Social engineering

a) What is the purpose of wiretaps?
To tap into conversations to steal information. (Not mentioned in the text: to get unauthorized Internet access.)

b) How have wireless LANs made wiretapping easier?
Signals extend beyond the corporate premises, so wiretappers can lurk outside the company’s grounds.

c) Why is password cracking difficult if you do not have physical access to the computer?
Usually, you are locked out after a few guesses.

a) What is social engineering?
Social engineering is tricking an employee into giving out information or taking an action that reduces security or harms a system.

b) How can it be stopped?
Training and enforcement.

3. a) What is an attacker-in-the-middle attack?
When the attacker can intercept messages passing between two communicating parties.

b) What is eavesdropping?
Reading messages sent between two parties.

c) How is eavesdropping thwarted?
By encrypting messages.

d) What is confidentiality?
Protection against the reading of intercepted messages.

e) What is impersonation?
Pretending to be someone else when sending messages.

f) What is authentication?
Requiring communication partners to prove their identity.

g) What is message integrity?
The assurance that the receiver will be able to detect any changes made en route.

h) What is a cryptographic system?
A cryptographic system is a system that automatically implements confidentiality, authentication, integrity, and other safeguards as a package.

Briefly describe the four types of penetration attacks.
Scanning (probing) attacks
Break-in (hacking) attacks
Denial-of-service attacks
Malware (viruses and worms)

4. Why is security primarily a management issue, not a technology issue?
Without correct strategy and implementation, technology will do little good.

a) What is top-to-bottom security?
There must be commitment to security from top management to the lowest levels of the firm.

b) Why is the enforcement of security policies through the sanctioning of violators important?
You get what you enforce. If you do not enforce rules, they will not be followed.

What is comprehensive security?
Closing all avenues of attack.

Describe defense in depth.
The attacker must break through multiple defenses to be successful.

What are security audits, and why are they crucial for comprehensive security?
Security audits test all avenues of attack to ensure that defenses are working. Without security audits, a company will not know if it has comprehensive security.

What costs do firms weigh in risk analysis?
The costs of both attacks and defenses.

How is threat severity computed?
Cost of a successful attack times the probability of a successful attack.

How is the value of protection computed?
Threat severity minus the cost of protections.

Why is prioritization important, and how is it done?
Companies have limited resources. They must spend on the countermeasures with the highest value of protection.

5. Why are security policies important?
Security policies govern individual actions.

6. Create three corporate security policies.
These policies should be specific. Otherwise, there would be ambiguity in their application.
Home computers connected remotely to the corporate network must have antivirus programs updated daily.
Passwords must be changed every sixty days and must not be passwords used previously.
Each firewall log must be examined daily for at least an hour.
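The risk-analysis rules above (threat severity, value of protection, and prioritization under a limited budget), carried through as an added worked example that is not part of the original answer key; the threat names, dollar figures, probabilities and budget are constructed assumptions:

```python
# Added worked example of the chapter's risk-analysis rules (not from the
# textbook or its answer key): threat severity = cost of a successful attack
# times its probability; value of protection = threat severity minus the cost
# of the countermeasure; spend limited resources on the highest values first.
from dataclasses import dataclass

@dataclass(frozen=True)
class Threat:
    name: str
    attack_cost: float      # cost to the firm of one successful attack
    probability: float      # probability of a successful attack (0..1)
    protection_cost: float  # cost of the countermeasure that addresses it

def threat_severity(t: Threat) -> float:
    """Cost of a successful attack times the probability of a successful attack."""
    if not 0.0 <= t.probability <= 1.0:
        raise ValueError(f"probability out of range for {t.name}: {t.probability}")
    return t.attack_cost * t.probability

def value_of_protection(t: Threat) -> float:
    """Threat severity minus the cost of protections."""
    return threat_severity(t) - t.protection_cost

def prioritize(threats: list[Threat], budget: float) -> list[str]:
    """Rank countermeasures by value of protection and fund them in that order
    while the budget lasts. A countermeasure whose value is not positive costs
    more than the threat it addresses, so it is never funded."""
    ranked = sorted(threats, key=value_of_protection, reverse=True)
    funded, remaining = [], budget
    for t in ranked:
        if value_of_protection(t) <= 0 or t.protection_cost > remaining:
            continue
        funded.append(t.name)
        remaining -= t.protection_cost
    return funded

# Constructed sample threats; the dollar figures are illustrative only.
SAMPLE_THREATS = [
    Threat("script-kiddie scan and break-in", 200_000, 0.30, 15_000),
    Threat("insider theft of trade secrets", 1_000_000, 0.05, 40_000),
    Threat("wireless LAN wiretap", 50_000, 0.20, 12_000),
    Threat("physical theft of a server", 80_000, 0.01, 20_000),
]

if __name__ == "__main__":
    for t in SAMPLE_THREATS:
        print(f"{t.name:34} severity={threat_severity(t):>9,.0f} "
              f"value={value_of_protection(t):>9,.0f}")
    print("Fund first:", prioritize(SAMPLE_THREATS, budget=60_000))
```

Note that the wireless wiretap countermeasure has a negative value of protection, so it is skipped even when budget remains; that is the prioritization rule, not a bug.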